RTC - SSLV3 HandShake Error

[ParthibanSG]

I am using CLM 6.0.2 version and it is a stand-alone installation with no proxy server. I created sample workitems for testing RTCClient python package. I tried retrieving workitem via cURL and it works.

Additionally, I have my python script similar to the initial code snippet from rtcclient document like connecting to Jazz and getting a workitem. However, authentication to CLM is not happening and python script throws SSLV3 handshake error

raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='sampleclm.example.com', port=9443): Max retries exceeded with url: /jazz/authenticated/identity (Caused by SSLError(SSLError(1, u'[SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:726)'),))

Is there anything missing from my end

[dixudx]

@ParthibanSG Please share your snippet and logs. Thanks.

[longxin1020]

D:\Anaconda3\envs\PythonProject\python.exe E:/WorkData/python_wks/pythonRTC/main.py
2021-02-20 15:34:51,700 DEBUG client.RTCClient: Get response from https://192.168.110.2:9443/ccm/authenticated/identity
2021-02-20 15:34:51,703 DEBUG urllib3.connectionpool: Starting new HTTPS connection (1): 192.168.110.2:9443
Traceback (most recent call last):
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\urllib3\connectionpool.py", line 699, in urlopen
httplib_response = self._make_request(
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\urllib3\connectionpool.py", line 382, in _make_request
self._validate_conn(conn)
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\urllib3\connectionpool.py", line 1010, in validate_conn
conn.connect()
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\urllib3\connection.py", line 411, in connect
self.sock = ssl_wrap_socket(
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\urllib3\util\ssl.py", line 432, in ssl_wrap_socket
ssl_sock = ssl_wrap_socket_impl(sock, context, tls_in_tls)
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\urllib3\util\ssl.py", line 474, in _ssl_wrap_socket_impl
return ssl_context.wrap_socket(sock)
File "D:\Anaconda3\envs\PythonProject\lib\ssl.py", line 500, in wrap_socket
return self.sslsocket_class._create(
File "D:\Anaconda3\envs\PythonProject\lib\ssl.py", line 1040, in _create
self.do_handshake()
File "D:\Anaconda3\envs\PythonProject\lib\ssl.py", line 1309, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:1123)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\requests\adapters.py", line 439, in send
resp = conn.urlopen(
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\urllib3\connectionpool.py", line 755, in urlopen
retries = retries.increment(
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\urllib3\util\retry.py", line 573, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='192.168.110.2', port=9443): Max retries exceeded with url: /ccm/authenticated/identity (Caused by SSLError(SSLError(1, '[SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:1123)')))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "E:/WorkData/python_wks/pythonRTC/main.py", line 11, in
myclient = RTCClient(url, user, password, ends_with_jazz=False )
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\rtcclient\client.py", line 65, in init
self.headers = self._get_headers()
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\rtcclient\client.py", line 86, in _get_headers
resp = self.get(self.url + "/authenticated/identity",
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\rtcclient\utils.py", line 22, in wrapper
return func(*args, **kwargs)
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\rtcclient\base.py", line 77, in get
response = requests.get(url, verify=verify, headers=headers,
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\requests\api.py", line 76, in get
return request('get', url, params=params, **kwargs)
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\requests\api.py", line 61, in request
return session.request(method=method, url=url, **kwargs)
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\requests\sessions.py", line 542, in request
resp = self.send(prep, **send_kwargs)
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\requests\sessions.py", line 655, in send
r = adapter.send(request, **kwargs)
File "D:\Anaconda3\envs\PythonProject\lib\site-packages\requests\adapters.py", line 514, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='192.168.110.2', port=9443): Max retries exceeded with url: /ccm/authenticated/identity (Caused by SSLError(SSLError(1, '[SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:1123)')))

Process finished with exit code 1

[petersonsource]

I'm facing the same problem here and I don't no how do dealing with.

myclient = RTCClient(url, username, password, ends_with_jazz=False)
2022-05-03 22:03:18,357 DEBUG client.RTCClient: Get response from https://localhost:9443/ccm/authenticated/identity
2022-05-03 22:03:18,361 DEBUG urllib3.connectionpool: Starting new HTTPS connection (1): gid.caixa:9443
Traceback (most recent call last):
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\urllib3\connectionpool.py", line 703, in urlopen
httplib_response = self._make_request(
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\urllib3\connectionpool.py", line 386, in _make_request
self._validate_conn(conn)
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\urllib3\connectionpool.py", line 1040, in validate_conn
conn.connect()
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\urllib3\connection.py", line 414, in connect
self.sock = ssl_wrap_socket(
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\urllib3\util\ssl.py", line 449, in ssl_wrap_socket
ssl_sock = ssl_wrap_socket_impl(
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\urllib3\util\ssl.py", line 493, in _ssl_wrap_socket_impl
return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
File "C:\Users\Peterson\AppData\Local\Programs\Python\Python310\lib\ssl.py", line 512, in wrap_socket
return self.sslsocket_class._create(
File "C:\Users\Peterson\AppData\Local\Programs\Python\Python310\lib\ssl.py", line 1070, in _create
self.do_handshake()
File "C:\Users\Peterson\AppData\Local\Programs\Python\Python310\lib\ssl.py", line 1341, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:997)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\requests\adapters.py", line 440, in send
resp = conn.urlopen(
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\urllib3\connectionpool.py", line 785, in urlopen
retries = retries.increment(
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\urllib3\util\retry.py", line 592, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='gid.caixa', port=9443): Max retries exceeded with url: /ccm/authenticated/identity (Caused by SSLError(SSLError(1, '[SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:997)')))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Users\Peterson\AppData\Local\Programs\Python\Python310\lib\code.py", line 90, in runcode
exec(code, self.locals)
File "", line 1, in
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\rtcclient\client.py", line 73, in init
self.headers = self._get_headers()
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\rtcclient\client.py", line 91, in _get_headers
resp = self.get(self.url + "/authenticated/identity",
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\rtcclient\utils.py", line 27, in wrapper
return func(*args, **kwargs)
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\rtcclient\base.py", line 81, in get
response = requests.get(url,
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\requests\api.py", line 61, in request
return session.request(method=method, url=url, **kwargs)
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\requests\sessions.py", line 529, in request
resp = self.send(prep, **send_kwargs)
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\requests\sessions.py", line 645, in send
r = adapter.send(request, **kwargs)
File "C:\Users\Peterson\Desktop\rtcclient-0.6.0\venv\lib\site-packages\requests\adapters.py", line 517, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='gid.caixa', port=9443): Max retries exceeded with url: /ccm/authenticated/identity (Caused by SSLError(SSLError(1, '[SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:997)')))

[dixudx]

@petersonsource Actually all the requests has disabled verifying ca bundles.

Above error may be caused by the cipher, I guess.

Please try to add below to rtcclient/__init__.py and see if it works,

requests.packages.urllib3.util.ssl_.DEFAULT_CIPHERS += ':HIGH:!DH:!aNULL'
try:
   requests.packages.urllib3.contrib.pyopenssl.util.ssl_.DEFAULT_CIPHERS += ':HIGH:!DH:!aNULL'
except AttributeError:
   # no pyopenssl support used / needed / available
   pass